On Sun, Nov 26, 2006 at 02:48:55PM -0700, Vernon Schryver wrote: > > From: Paul Vixie > From: Gary Mills > > > These days, a great deal of spam seems to be coming from networks of > > > compromised Windows desktop computers. These can be located anywhere in > > > the > > > world. Is there a DNS RBL that's specialized for these spam sources? > > > > there are quite a few. there's the MAPS QIL (now a property of trendmicro), > > the SpamHaus XBL, the Blitzed OPM, and at least one list at SORBS. all of > > these specialize in bot-infected transient spam sources. > > I think the CBL is the component of SpamHaus' XBL that lists bots. > I also think that other compoents of the XBL are worthwhile. See > http://www.spamhaus.org/xbl/index.lasso > and > http://cbl.abuseat.org/
Thanks for all the suggestions. I'll investigate them. > Mailboxes that should not receive messages even mentioning evil URLs > such as web pages hosted on bots can profit by rejecting mail containing > evil URLs. I've forgotten which software SpamHaus recommends for that, > but it can be done with dccm, dccifd, and dccproc -B. However, if I > recall correctly that Gary Mill's installation neither scores as with > SpamAssassin nor uses per-user dccm whiteclnt files, dccm -B would probably > not be useful to him. Yes, we use a single client whitelist that incorporates nominations from all users. I could create per-user whitelists for a few mailboxes. Are you saying that checking URLs in e-mail against a DNS blacklist would result in too many false positives? How is that possible? Are the blacklists contaminated? -- -Gary Mills- -Unix Support- -U of M Academic Computing and Networking- _______________________________________________ DCC mailing list [EMAIL PROTECTED] http://www.rhyolite.com/mailman/listinfo/dcc
